Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

Gradmin

6 Posts

4190

July 21st, 2010 13:00

Avamar 5 and VPN or External Client access

Hi,

We just got upgraded to version 5 on our Avamar node, and I'm looking into seeing about providing backup capabilities from outside our network.

Currently, we have to start up a VPN connection, and then do a manual backup from the client.  This works, but it's a hassle, because we use ISA 2006 as our Firewall, and this seems like a slower method of backing up data.  We run nearly everything on Server 2003 for our environment.

Does the new version of Avamar provide any further capabilites as far as a direct VPN access, or am I going to have to set up some sort of NAT route to point the node's internal IP address to an external IP address?

I'm trying to make this both secure and as simple as possible for external users, but still retain the functionality of backing up our internal network computers.

Thanks for any suggestions you might have.

5uR68oOE7d12317

48 Posts

July 22nd, 2010 06:00

Hi

The desktop and laptop solution can include clients that are connected to theAvamar grid remotely, including by a VPN connection or a wireless connection. The clients and network connections must meet the requirements as mentioned in the attached images.

2 Attachments

JohnCrouch_a316b2

28 Posts

August 3rd, 2010 12:00

We have a dozen or so users that have laptops that are part of our domain, but are always located at remote locations and rely on VPN to connect to our network.  They use Avamar 4.  Mostly it works.  Issues to consider:

1.  Size of dataset.  Initial backup of large amounts of data over wireless & VPN connections is SLOW.  Until you get a complete, good backup, you have nothing to restore from.

2.  Firewalls:  firewalls on client pc, firewalls on broadband routers, firewalls on public APs, firewalls on corporate...   They can all prevent the Avamar server from contacting the client and telling it to start a backup.  If you can, add firewall rules to allow the needed ports to be open.

3.  Paging :  the Avamar client on the pc normally only contacts the Avamar server once per hour.  If you disable paging (Avamar client policy), it tries to check-in every minute.  If the remote pc only connects to the internal network for limited amounts of time (as is common with our remote sales people), you should consider disable paging.  It will ensure the client starts the Avamar backup as soon as it can connect to the Avamar server, rather than waiting upto an hour.

MelvinHare

2 Posts

June 12th, 2013 09:00

Anyone else got this working with Direct Access -

EMC Avamar Client (Offline) - 6.1.0-402

We can telnet all the following from the LAN and from DA mode

7778

27000

28001

29000

28000 doesn't seem to work inside or outside ....

ionthegeek

2K Posts

June 12th, 2013 10:00

A VPN connection is required for Avamar 6.1 and earlier. The product team is planning to relax this requirement in the upcoming release.

In any case, the port requirements for backups are as follows:

  • The Avamar client agent must be able to reach the Avamar server's utility node (or single node for single node servers) on port 28001.
  • The process that performs the backups on the client (avtar) must be able to reach the Avamar server's utility node and all storage nodes on port 27000 (for unencrypted backups) or port 29000 (for encrypted backups)
  • (Optional) For a client to be browsable from the Avamar Administrator GUI (MC GUI), the Avamar Administrator Server (also called the MCS) must be able to reach the client agent listening on port 28002 on the client.

Port 7778 is only required for Avamar Administrator, it is not required for backups.

View More

View All

No Events found!

Top